If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

New network... HELP

I have just created a network at my home, i am trying to learn how to make it as secure as possible and how to test to see if it is secure. If you can give me some advice or some ideas on tools or books that i can read, i would be greatful.

Untruth

I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones.
--Albert Einstein

Get a good firewall (do a search for threads on firewalls for more info), a good antivirus (again, do a search, plenty of good threads to choose from). There is a security testing tool at www.dslreports.com that you can use to evaluate your system.

sorry nabylbt,
i am using a swich and connecting to the internet through direct pc satalite (download only) phone line upload, and very soon i am going to be hooked up through dsl. all the computers hook up through one main comuter which is hooked up to the modem that talks to the satalite.
I hope i have given anough details.

I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones.
--Albert Einstein

I advise you to install a good IDS (like http://www.snort.org ) and/or to sniff yourself your network regularly.

We could help you better if we'd have more precisions. What is the number of computers in your network? What OS's do you use? What is the architecture of your network? Do you have a static ip/dns name?

when i did a port scan against my network, it did not work. I use nmap. But when i used the testing tool at www.dslreports.com it showed that i have one port open. how would i close that port? Second, i remember a command at the prompt that shows a list of open and closed ports. I can't remember what that is, if someone can help me with that i would be greatful.

kisscool: there are 5 computers in my network including the server, and my ip is not static. all the computers are hooked up by a swich, that then run to the server which has connection to the satalite which give me internet access. I hope i have given anough information.

untruth

I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones.
--Albert Einstein

I have one setup that lists my tasklist, net connections, fport to match all the connections to the tasklist and a couple others. For me it is just easiter to use a .bat file rather than typing them all out and going back in forth between screens. If you append them to a file and then open the file at the end of the batch, it will be there nice and neat on one screen. just my opinion.

Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Ok, so I recommand you to put a very good firewall in the entry of your network (I think it is your server who is directly connected), you will be able to close your open port with it but I guess that your open port is open by your navigator. An NIDS (snort) on your network with logs copied in another computer.
Keep up to date your servers patches and monitor regularly your logs and your network activity.

Is this server just for you to play with,or is it business based?(ie. are there going to be people who will have direct access to it that may not be completely trustworthy).If this is the case,permissions are going to play a big role in security.Also it's important to educate any others in the security risks involved with a network.As the old saying goes.Your computer(network in this case) is only as secure as its weakest link.

No, because a firewall would basically do crap. You would need IPTables or whatever to make sure the WHOLE network is secure or use an entire box to be a firewall.

I figured that I would share that since it MIGHT be beneficial to untruth. As for the peckerhead that left it for me....I'm really getting a kick out of the comments you send me, honest. I'm just curious as to if this is Alex sending them (thus making good on his threat to "fix" me) or just somebody stupid enough to do whatever the little lamer tells them to do? It doesn't really matter which it is, I just want to thank you for providing me with an example of how not to act on the internet. You have my gratitude.